Secrecy News

DNI Orders “Integrated Defense” of Intelligence Information


The Director of National Intelligence is calling for the “integrated defense” of intelligence community (IC) information and systems to protect against unauthorized disclosures of intelligence sources and methods.

While every intelligence agency already has its own security procedures, a new Intelligence Community Directive (pdf) issued by the DNI would require a more coordinated and consistent approach, involving “unified courses of action to defend the IC information environment.”

“The IC information environment is an interconnected shared risk environment where the risk accepted by one IC element is effectively accepted by all,” the new Directive said. Therefore, “integrated defense of the IC information environment is essential to maintaining the confidentiality, integrity, and availability of all information held by each IC element.”

The Directive does not specify the defensive measures that are to be taken, but states that they should address “the detection, isolation, mitigation and response to incidents, which include spills, outages, exploits, attacks and other vulnerabilities.” An IC Incident Response Center will maintain “situational awareness of network topology, including connection points among IC element networks; threats, vectors, and actions that could adversely affect the IC information environment; and the overall health and status of IC information environment defenses.”

Although intelligence agencies are not waiting for security policy guidance from Congress, the intelligence oversight committees seem determined to provide it anyway.

In its initial markup of the FY2011 intelligence authorization bill, the House Intelligence Committee has prescribed the establishment of an Insider Threat Detection Program “in order to detect unauthorized access to, or use or transmission of, classified intelligence.”

The Senate Intelligence Committee reportedly wants to require a revised or supplemental non-disclosure agreement for intelligence employees, by which they would consent in advance to surrender their pension benefits if they were found to have committed an unauthorized disclosure.

As far as is known, neither Committee has advanced any new proposals for reducing unnecessary classification or strengthening protections for national security whistleblowers.

“The basic problem is that if you centralise systems containing sensitive information, you risk creating a more valuable asset and simultaneously giving more people access to it.” – Ross Anderson in Security Engineering

The answer is neither extreme of ‘fully distributed’ or ‘fully centralized’. The idea is “federated”; this has a strong IT architectural overtone of separate systems that are unified in specific and manageable ways. Think of a large house with interior doors that all have locks. This is what is needed.